ci(deploy): build + push image on Gitea, ssh-deploy to netcup

Adds .gitea/workflows/{ci,deploy}.yml. Both jobs run inside the custom git.librete.ch/libretech/runner-image:v1 image. CI on every push runs npm test + a sanity build with placeholder VITE_*. The deploy workflow (gated on vars.DEPLOY_ENABLED) builds the multi-stage Vite + nginx Dockerfile, pushes to git.librete.ch/libretech/code-crispies (main → :main + :sha-<short>; tag → :<tag> + :latest), and ssh-deploys the netcup stack with 'docker compose pull && up -d'. compose.yaml gains an opt-in image-pull mode: CC_IMAGE pins the published tag in production (set in /srv/cc/.env), while the dev shell falls through to a local build when CC_IMAGE is unset. Replaces the legacy github-pages workflow at .github/workflows/main.yml which targeted GitHub Pages, not the netcup deployment.
2026-04-29 17:26:05 +02:00
parent 1e4b4430ee
commit f28cd5220a
3 changed files with 135 additions and 1 deletions
--- a/compose.yaml
+++ b/compose.yaml
@@ -1,5 +1,12 @@
 name: cc

+# Default behaviour:
+#   - On dev (no CC_IMAGE in env): build from local context.
+#   - On netcup (CC_IMAGE pinned in /srv/cc/.env to the published Gitea
+#     package): pull the image and skip the build context entirely.
+# The Gitea deploy workflow pushes git.librete.ch/libretech/code-crispies:main
+# on every main push.
+
 services:
  cc:
    build:
@@ -7,7 +14,8 @@ services:
      args:
        VITE_SUPABASE_URL: ${VITE_SUPABASE_URL}
        VITE_SUPABASE_ANON_KEY: ${VITE_SUPABASE_ANON_KEY}
-    image: cc:local
+    image: ${CC_IMAGE:-cc:local}
+    pull_policy: ${CC_PULL_POLICY:-missing}
    restart: always
    networks:
      - edge